Routing problems to 2400:CB00::/32 CLOUDFLARE

Nick Hilliard nick at
Sat Jun 16 01:10:02 CEST 2012

On 15/06/2012 22:59, Mick O'Rourke wrote:
> The above said why not relax filters to use /48?

Because it costs money.  Lots of it.

Each v6 packet forwarding engine (e.g. tcam) slot generally takes 4x the
amount of space that an ipv4 slot takes.  I.e. each ipv6 prefix takes 4x
the forwarding resources that an ipv4 prefix takes.

This has a very real and substantial cost associated with upgrading line
cards on distributed architecture routers, when you hit the hardware size
limitations of that line card.  When it happens, you suddenly find yourself
having to upgrade every line card on your network.  This is a crazy
expensive proposition, which is why a lot of providers tend to be pretty
sensitive about DFZ bloat.

For an organisation like a CDN, there are good reasons as to why you would
want a /48 at each site.  But if this is the case, provider independent /48
blocks would seem like a better choice.

> will you wait for your customers to complain or leave your network as
> they can't reach content before you do?

I suspect that will happen far sooner for Cloudflare clients when they
realise that chunks of the Internet have connectivity problems with their
CDN due to their v6 addressing model.  Happy eyeballs is not universally
deployed and even where it is, it still has a lot of teething problems.

I'm curious about the scale of this problem though, and how many ASNs
implement strict RIR allocation-aligned filtering.  Might make an
interesting project if someone had a couple of days to spare.


More information about the ipv6-ops mailing list